Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPWCO61GDWBqbKT9_7tqZttPshE.roa
File:                     uPWCO61GDWBqbKT9_7tqZttPshE.roa (raw, json)
Hash identifier:          V5a/Fta6OcFNOVMDCyJ7T+BruMUNdYPsODowljTrNAc=
Subject key identifier:   B8:F5:82:3B:AD:46:0D:60:6A:6C:A4:FD:FF:BB:6A:66:DB:4F:B2:11
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A74A8C62D79D94D8BEEC74DE4C5DDAB18
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPWCO61GDWBqbKT9_7tqZttPshE.roa
Signing time:             Fri 08 Sep 2023 11:58:52 +0000
ROA not before:           Fri 08 Sep 2023 11:58:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          195.58.36.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          194.87.133.0/24 maxlen: 24
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          194.87.222.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          195.133.40.0/24 maxlen: 24
                          192.124.191.0/24 maxlen: 24
                          195.133.40.0/23 maxlen: 23
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 08 Sep 2023 18:25:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:74:a8:c6:2d:79:d9:4d:8b:ee:c7:4d:e4:c5:dd:ab:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep  8 11:58:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8f5823bad460d606a6ca4fdffbb6a66db4fb211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a1:49:cc:d0:79:38:dc:54:a5:aa:35:42:86:
                    9f:4c:01:32:1b:9d:05:bc:6f:91:4c:d6:8d:18:58:
                    91:a3:79:9c:99:53:40:85:44:f6:38:7b:0a:31:51:
                    47:7b:91:ea:1c:40:6b:1d:98:16:c7:11:38:96:9e:
                    39:a6:35:4f:9e:08:e3:1b:e9:50:cf:0b:73:40:d4:
                    d3:0e:dc:bc:44:26:bb:3a:6f:5f:b4:37:96:80:73:
                    b1:eb:58:53:12:78:1e:cf:05:da:44:81:11:f0:6e:
                    3d:8e:92:ab:3c:18:38:05:b6:bf:5a:9c:57:dd:15:
                    b6:f6:92:bd:01:54:8a:20:57:3c:1f:75:66:92:18:
                    9d:2d:fc:58:91:fa:2b:60:9d:a9:a5:42:12:97:ef:
                    cb:5b:96:af:55:8c:61:56:08:14:c8:78:99:13:8d:
                    a4:19:7e:73:1b:b1:a5:42:28:86:c4:eb:47:dc:7c:
                    ff:98:d8:e2:45:e6:99:d4:57:fc:81:1e:ed:9f:46:
                    0d:41:55:c4:1e:61:9d:36:de:f8:95:d9:c3:3f:26:
                    ee:3c:9a:cf:b8:55:e6:48:6d:e5:9a:e3:0c:c9:af:
                    30:23:f3:0d:7b:e3:a3:4e:7d:e2:a8:5b:3a:d4:e1:
                    ae:c9:aa:35:8e:c4:61:8e:f9:63:3d:bc:9d:10:c5:
                    05:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:F5:82:3B:AD:46:0D:60:6A:6C:A4:FD:FF:BB:6A:66:DB:4F:B2:11
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPWCO61GDWBqbKT9_7tqZttPshE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.191.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.26.0/23
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.130.0/23
                  194.87.133.0-194.87.135.255
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.222.0/24
                  195.58.36.0/24
                  195.58.54.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.30.0/24
                  195.133.40.0/23
                  195.133.73.0/24
                  195.133.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:80:72:54:0f:a3:01:5c:9f:62:62:38:08:26:64:c9:ce:44:
         cb:52:73:03:dd:70:5e:6d:5e:f8:ed:ca:da:91:0c:75:21:7c:
         e2:fb:9a:28:95:b3:10:eb:6e:db:18:77:33:d2:e0:6e:7f:d9:
         2c:a4:46:d8:7a:4d:f8:93:ca:d6:1b:43:2a:da:1a:78:bb:93:
         68:d2:c4:32:39:f5:aa:83:8f:2a:15:19:1b:e1:b1:6e:5a:bf:
         a8:a0:d9:a6:18:8d:8d:76:87:8f:e1:3d:dc:e0:b1:26:62:3c:
         0c:29:f2:68:40:a4:8d:77:35:84:50:19:fd:58:ef:91:a0:21:
         c3:7c:2e:e8:11:31:e9:37:18:d1:7e:20:e0:8e:80:7c:be:76:
         bf:ed:39:3c:71:22:24:8d:24:b3:0d:13:bb:fa:64:cb:64:36:
         cf:01:35:b6:11:95:88:c8:10:7c:2f:f9:f4:d0:af:1a:a6:9f:
         53:88:91:fa:00:83:48:7e:86:7f:89:e3:5e:13:7f:b6:a2:58:
         69:00:33:6a:81:42:fd:f1:75:41:d0:a1:d7:01:dc:a1:c6:44:
         47:40:4f:7a:5e:fb:8e:98:23:d4:b2:23:d9:dc:4c:cd:f0:4d:
         e0:94:0c:51:be:fe:73:9f:10:52:e7:c1:ea:7c:61:6a:a5:f0:
         5b:0e:d5:79
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYp0qMYtedlNi+7HTeTF3asYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA4MTE1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY1ODIzYmFkNDYwZDYwNmE2Y2E0ZmRmZmJiNmE2NmRiNGZiMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6FJzNB5ONxUpao1QoafTAEyG50F
vG+RTNaNGFiRo3mcmVNAhUT2OHsKMVFHe5HqHEBrHZgWxxE4lp45pjVPngjjG+lQ
zwtzQNTTDty8RCa7Om9ftDeWgHOx61hTEngezwXaRIER8G49jpKrPBg4Bba/WpxX
3RW29pK9AVSKIFc8H3VmkhidLfxYkforYJ2ppUISl+/LW5avVYxhVggUyHiZE42k
GX5zG7GlQiiGxOtH3Hz/mNjiReaZ1Ff8gR7tn0YNQVXEHmGdNt74ldnDPybuPJrP
uFXmSG3lmuMMya8wI/MNe+OjTn3iqFs61OGuyao1jsRhjvljPbydEMUFAQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFLj1gjutRg1gamyk/f+7ambbT7IRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVBXQ082MUdEV0JxYktUOV83dHFadHRQc2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
wHyyAwQAwHy/AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjovAwQAwjqaAwQA
wlcBMAwDBADCVwsDBADCVwwDBAHCVxoDBADCVygDBADCVzgDBADCV0kDBADCV1MD
BADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IwDAMEAMJXhQMEA8JXgAMEAMJX
lwMEAMJXqAMEAMJXswMEAMJXvgMEAMJXyAMEAMJX3gMEAMM6JAMEAMM6NgMEAcM6
OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOFHgMEAcOFKAMEAMOFSQMEAcOFVDANBgkq
hkiG9w0BAQsFAAOCAQEACoByVA+jAVyfYmI4CCZkyc5Ey1JzA91wXm1e+O3K2pEM
dSF84vuaKJWzEOtu2xh3M9Lgbn/ZLKRG2HpN+JPK1htDKtoaeLuTaNLEMjn1qoOP
KhUZG+Gxblq/qKDZphiNjXaHj+E93OCxJmI8DCnyaECkjXc1hFAZ/VjvkaAhw3wu
6BEx6TcY0X4g4I6AfL52v+05PHEiJI0ksw0Tu/pky2Q2zwE1thGViMgQfC/59NCv
GqafU4iR+gCDSH6Gf4njXhN/tqJYaQAzaoFC/fF1QdCh1wHcocZER0BPel77jpgj
1LIj2dxMzfBN4JQMUb7+c58QUufB6nxhaqXwWw7VeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org